Youre prepared file for me worked (as I already said here).
Really nice

But I also don't understand why it works.
When I look in /etc/upstart/userstore, the relevant lines for extracting the data.tar.gz file are:

Code:

cd ${MNTUS_MP}
tar xvzf data.tar.gz

And as long as I remember your have to give tar the "P" flag also for extraction to extract with absolute paths.
And the flag is not present on the above two lines (and therefore it should unpack the data.tar.gz relative to /mnt/us)???

Youre prepared file for me worked (as I already said here).
Really nice

But I also don't understand why it works.
When I look in /etc/upstart/userstore, the relevant lines for extracting the data.tar.gz file are:

Code:

cd ${MNTUS_MP}
tar xvzf data.tar.gz

And as long as I remember your have to give tar the "P" flag also for extraction to extract with absolute paths.
And the flag is not present on the above two lines (and therefore it should unpack the data.tar.gz relative to /mnt/us)???

Where is my error in reasoning?

That's exactly what I thought. I thought that tar only uses absolute paths on extraction not on creation. You would think that's some huge security flaw for all unix systems. Download a tar file. Overwrite settings or delete documents, etc.

I'm assuming this is simply a bug in the version of tar that ships with the kindle (i.e. busybox). I admit I also wasn't expecting it to work

Semi-serious: Yeah, maybe I should have kept this back until Amazon fixed one of the holes, only to reveal the next. But then again, I found it useful, if only to help folks like MatzeMatze or others who inadvertently bricked their devices. And I mostly believe in full disclosure anyway.

That said, it would be *really* nice if Amazon realized that allowing users to tamper with their devices (at own risk of course), instead of trying to lock them in, can actually be an advantage.

For example, I'm running a (quite old) Linksys 54 Wifi router here, which I bought specifically because there was a possibility to install OpenWRT on it. After that model became hugely popular, Linksys actually released *two* versions of the successor device: one with proprietary software, and one (I think it was called WRT54GL or so) with a Linux OS which was from the beginning designed to be modded by interested people. And it was a big success.

Can someone point me to the direction on how to patch existing app/ui if anyone knows how to do it? I'm not familiar with Java but I don't mind looking it up and just learn enough to make some modifications.

Personally I don't really need any additional apps for the Touch, but would rather like to fine tune small things such as displaying page number instead of Loc, or search wikipedia for highlighted word, etc... thanks!

I think I just found an alternative way of jailbreaking the device. I actually stumbled upon this while looking for a way to de-brick a KT which is not showing any UI, but is at least capable of booting up to the point of announcing itself as a USB device.

So here's how it goes: [...]

As said, this may not only be useful for jailbreaking, but also for de-bricking devices which don't properly get the UI running anymore. As long as USB drive access works, this method should also work. For a bricked device, the reboot is achieved by long-pressing (30 secs?) the power button.

Let me know if this is reproducible.

It works for me and I've got a SSH connection via WiFi to my "bricked" Kindle Touch. Thank you very much!

I'm new to the Kindle community, but it mystifies me why so many people seem to be looking for some way to turn off the ads on the ad-supported Kindles. The ads aren't badly intrusive -- if it popped up ads while you were reading a book, say, I could see people wanting to remove it, or if a quarter of the screen were taken up with ads in the home page. But removing the ads just lets you use a different screensaver and adds space for one additional book to be listed on the home screen.

I could also see it if the ads were forced on you, and you didn't have the choice of buying a version with no ads. But you do. And even if you bought the version with ads, any time you want, you can pay the $40 difference and get rid of them.

If you bought a Kindle Touch, you already paid $99. Are the ads so bad for these people that they really can't live with them for a month or two to save up another $40 and pay to have them removed? Do people not know that they can remove the ads later? (I know I was surprised to find out that you could -- Amazon doesn't really seem to publicize that.)

Don't get me wrong. I don't like ads. I run an ad-blocker on my web browser... but that's because most sites don't give me the option to remove ads, and some have ads that are extremely intrusive (e.g., popouts that want to suddenly cover most of the page just because you happened to move your mouse pointer over them). I've removed ads from software before, but only when the ads were intrusive (I remember one "free trial" e-reader for the Palm I used that popped up an ad for the full version about every 30 seconds, while you were reading. I wound up finding a way to remove the ads just so I could properly try out the software... and I did eventually register my copy). But the ads on the Kindles don't seem that intrusive, and they do give you a way to get rid of them.

Thank you for your amazing work. I take my hat off to you for coming up with this genius exploit. I have a quick question, and I think you of all people are the most equipped to answer. I've made a folder toggle for your GUI launcher that hides specific folders; more info. My question is this: How can i trigger a refresh of the home screen and a rescan of the documents folder without rebooting the kindle?

I've made a folder toggle for your GUI launcher that hides specific folders; more info. My question is this: How can i trigger a refresh of the home screen and a rescan of the documents folder without rebooting the kindle?

With KK you had to send com.lab126.powerd.resuming event via dbus. But KT does not need that. When I create or delete a file using SSH, it immediately (dis)appears in GUI. Isn't it acting the same with your move scripts?